PT-2026-1289

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 24.04.0 through 24.04.3 Centreon Infra Monitoring versions 24.10.0 through 24.10.3 Centreon Infra Monitoring versions 25.10.0 through 25.10.2 Description A flaw exists in Centreon Infra Monitoring Awie export...

PT-2026-1226

Name of the Vulnerable Software and Affected Versions QOCA aim AI Medical Cloud Platform affected versions not specified Description The QOCA aim AI Medical Cloud Platform allows authenticated remote attackers to inject arbitrary SQL commands, potentially enabling them to read database contents...

hosporder SQL注入漏洞

hosporder is a hospital appointment registration system by the individual developer Xiaohao.Shi in China. A SQL injection vulnerability exists in hosporder 627f426331da8086ce8fff2017d65b1ddef384f8 and earlier versions, which stems from an incorrect manipulation of the parameter hospitalAddress/...

WordPress plugin Entrada SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL...

WordPress plugin Infility Global SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

Code-Projects Online Product Reservation System SQL注入漏洞

Code-Projects Online Product Reservation System is a Code-Projects open source online product reservation system. A SQL injection vulnerability exists in Code-Projects Online Product Reservation System version 1.0, which originates from the incorrect operation of the parameter emailadd in the fil...

CampCodes Supplier Management System SQL注入漏洞

CampCodes Supplier Management System is a supplier management system from CampCodes, Inc. A SQL injection vulnerability exists in CampCodes Supplier Management System version 1.0, which stems from incorrect manipulation of the parameter txtRetailerAddress in the file /retailer/editprofile.php,...

CVE-2025-15446

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The vendor mentioned in the original disclosure filed a report that this issue affects a different...

CVE-2026-0579

CVE-2026-0579 affects Code-Projects Online Product Reservation System 1.0. A SQL injection exists in the POST Parameter Handler for /handgunner-administrator/edit.php, triggered by manipulating the arguments prod_id, name, price, model, or serial. The vulnerability is exploitable remotely and pub...

EUVD-2026-0776

A vulnerability was determined in CRMEB up to 5.6.1. This vulnerability affects unknown code of the file /adminapi/export/productlist. This manipulation of the argument cateid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-0576

A vulnerability was detected in code-projects Online Product Reservation System 1.0. Affected is an unknown function of the file /handgunner-administrator/prod.php of the component Parameter Handler. Performing a manipulation of the argument cat/price/name/model/serial results in sql injection. I...

PT-2026-1199

Name of the Vulnerable Software and Affected Versions Seeyon Zhiyuan OA Web Application System versions prior to 20251224 Description A flaw exists in Seeyon Zhiyuan OA Web Application System. The issue involves the manipulation of the unitCode argument within an unknown function of the file...

SecurityAnalystTasks

SecurityAnalystTasks This repository contains hands-on cyberse...

SQLi_AI_defence

SQLiAIdefence A small model ba...

PT-2026-3063

Name of the Vulnerable Software and Affected Versions GLPI versions 11.0.0 through 11.0.2 Description An unauthenticated user can execute SQL injection attacks through the inventory endpoint. The issue affects GLPI versions 11.0.0 through 11.0.2. The vulnerable endpoint is /inventory. The attack...

CVE-2025-15408

A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is an unknown function of the file /admin/Createproduct.php. Performing a manipulation of the argument dretitle results in sql injection. The attack is possible to be carried out remotely. The exploit has been made publi...

CVE-2026-0568

The CVE affects code-projects Online Music Site 1.0, specifically the /Frontend/ViewSongs.php file where manipulation of the ID parameter enables SQL injection. This allows remote exploitation, and an exploit has been published. Root cause is unsanitized/incorrect handling of the ID argument in a...

CVE-2026-0567

The CVE-2026-0567 entry affects code-projects Content Management System 1.0. The vulnerability is in the /pages.php file, where manipulating the ID argument causes a SQL injection. It can be exploited remotely and an exploit is publicly available. Connected advisories corroborate a remote SQL inj...

CVE-2025-15435

CVE-2025-15435 affects Yonyou KSOA 9.0. The vulnerability is an SQL injection in an unknown functionality of file /worksheet/work_update.jsp, triggered by manipulating the Report argument. The attack can be initiated remotely and an exploit has been published; vendor response is not provided. Con...

CVE-2025-15434

Summary: CVE-2025-15434 affects Yonyou KSOA 9.0 via an SQL injection in an unknown function of the file /kp/PrintZPYG.jsp, caused by manipulating the zpjhid parameter. Reports indicate remote exploitation with the exploit publicly available. Multiple sources (NVD, Red Hat, CVE list, CNNVD, ENISA,...